From 4a2507b3033b6e2b4fe0fabc155d7d5c86efdf98 Mon Sep 17 00:00:00 2001 From: rlaisqls Date: Sun, 27 Aug 2023 10:28:36 +0900 Subject: [PATCH] =?UTF-8?q?=E2=9A=A1=EF=B8=8F=20::=20cert=20=EC=84=A4?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- charts/istio/values.yaml | 29 +++++++++++++++++++ .../templates/xquare-cert.yaml | 15 ++++++---- charts/xquare-certificate/values.yaml | 16 ++++++++++ 3 files changed, 54 insertions(+), 6 deletions(-) diff --git a/charts/istio/values.yaml b/charts/istio/values.yaml index 94e8489f..997e3d32 100644 --- a/charts/istio/values.yaml +++ b/charts/istio/values.yaml @@ -32,6 +32,35 @@ operator: service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443" service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" +gateway: + - hosts: + - '*.xquare.app' + port: + name: https + number: 443 + protocol: HTTPS + tls: + mode: SIMPLE + credentialName: xquare-cert + - hosts: + - '*.dsm-pick.com' + port: + name: https + number: 443 + protocol: HTTPS + tls: + mode: SIMPLE + credentialName: pick-cert + - hosts: + - '*.dsm-repo.con' + port: + name: https + number: 443 + protocol: HTTPS + tls: + mode: SIMPLE + credentialName: repo-cert + virtualServices: - name: argocd-server host: argo-cd.xquare.app diff --git a/charts/xquare-certificate/templates/xquare-cert.yaml b/charts/xquare-certificate/templates/xquare-cert.yaml index 0dc9888b..e09ce46f 100644 --- a/charts/xquare-certificate/templates/xquare-cert.yaml +++ b/charts/xquare-certificate/templates/xquare-cert.yaml @@ -1,13 +1,14 @@ +{{- range .Values.certificates }} apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: xquare-cert + name: {{ .name }} namespace: istio-system spec: isCA: true duration: 87600h # 10 years - secretName: xquare-cert - commonName: 'xquare.app' + secretName: {{ .name }} + commonName: {{ .commonName }} privateKey: algorithm: ECDSA size: 256 @@ -16,9 +17,11 @@ spec: - cluster.local - cert-manager dnsNames: - - '*.xquare.app' - - 'xquare.app' + {{- range .dnsNames }} + - {{ . }} + {{- end }} issuerRef: name: letsencrypt-issuer kind: ClusterIssuer - secretName: xquare-cert + secretName: {{ .name }} +{{- end }} diff --git a/charts/xquare-certificate/values.yaml b/charts/xquare-certificate/values.yaml index e69de29b..8696d988 100644 --- a/charts/xquare-certificate/values.yaml +++ b/charts/xquare-certificate/values.yaml @@ -0,0 +1,16 @@ +certificates: + - name: xquare-cert + commonName: xquare.app + dnsNames: + - '*.xquare.app' + - 'xquare.app' + - name: pick-cert + commonName: dsm-pick.com + dnsNames: + - '*.dsm-pick.com' + - 'dsm-pick.com' + - name: repo-cert + commoNname: dsm-repo.com + dnsNames: + - '*.dsm-repo.com' + - 'dsm-repo.com' \ No newline at end of file